Auto renew Let's Encrypt certs script for Nginx server configs.

letsencrypt_auto_renew.sh

#!/bin/sh

######################################################################
# Auto renew Let's Encrypt certs script for Nginx server configs
######################################################################
#
# README:
# This script renew previous certs ONLY.
# Make sure you have "certbot" installed and have created your first
# certs before to run it.
# In addition, you can also setting up your "cron" or "systemd" to 
# automatically run the script.
# Finally, this script is not mandatory, so feel free to customize it.
#
# CONFIGURATION:
# 1) Nginx config directory path:
BASE_PATH=/etc/nginx/conf.d
# 2) Domains or subdomains list (separated by space)
#    Each one should have the same file name. E.g. mydomain.com.conf)
DOMAINS=(dev.mydomain.com api.mydomain.com)
######################################################################


# Iterate through Nginx domains
for DOMAIN in "${DOMAINS[@]}"
do

# Create a backup for each ".conf" file
mv -f ${BASE_PATH}/${DOMAIN}.conf ${BASE_PATH}/${DOMAIN}.bk

# Create the ".conf" server file for Let's Encrypt usage
cat <<EOT >> ${BASE_PATH}/${DOMAIN}.conf
server {
  server_name ${DOMAIN};
  listen 80;
  listen [::]:80;

  location ~ /.well-known {
    allow all;
  }
}
EOT

done

#Restart the Nginx server
service nginx restart

# Renew the Let's Encrypt certs
certbot renew --no-self-upgrade

# Restore the ".conf" backups
for DOMAIN in "${DOMAINS[@]}"
do

# Restore the backup for each ".bk" file
mv -f ${BASE_PATH}/${DOMAIN}.bk ${BASE_PATH}/${DOMAIN}.conf

done

# Restart the Nginx server
service nginx restart